In Q1, more than 51% of phishing sites abused paid services, according to the Agari and PhishLabs Quarterly Threat Trends & Intelligence Report. This is the first time in five consecutive quarters where the majority of phishing sites were staged using Paid Domain Registrations or Compromised Sites. Phishing volume as a whole continues to increase in 2022 in comparison to the same time period last...

Vishing reports in Q1 2022 increased nearly 550% over Q1 2021, according to Agari and PhishLabs’ Quarterly Threat Trends & Intelligence Report. While these Response-Based attacks have recently displayed stunning numbers, malicious emails as a whole are growing steadily, and represent the top online attack vector targeting corporate users. Malicious emails are delivered primarily in the form of...

Social media attacks targeting enterprises have increased 105% from Q1 2021 to Q1 2022, according to Agari and PhishLabs’ latest Quarterly Threat Trends & Intelligence Report. Social media threat volume has consistently climbed quarter over quarter, as threat actors increasingly use social platforms to target business via fake pages, messaging, and advertisements. Every quarter, Agari and...

Impersonations of brands and executives on social media have grown more than 300% and 250% year-over-year, respectively, according to the Agari and PhishLabs Quarterly Threat Trends & Intelligence Report. This highlights the overall increase in social media activity and ease of accessibility for bad actors to repurpose stolen trademarks and intellectual property (IP) for a variety of malicious...

Vishing attacks have increased almost 550 percent over the last twelve months, according to Agari and PhishLabs’ Quarterly Threat Trends & Intelligence Report. The May report uses hundreds of thousands of phishing and social media threats analyzed and mitigated by Agari and PhishLabs, both of which are part of the Fortra cybersecurity portfolio. By identifying and mitigating attacks targeting...

PhishLabs has identified a Browser-in-the-Browser (BitB) campaign targeting financial institutions with a fake Office 365 (O365) authorization protocol. The attack is delivered via phishing email and redirects the victim to a website impersonating an O365 single sign-on (SSO) page. A BitB attack is a novel phishing technique that replicates pop-up windows used for SSO in an effort to steal login...

Qbot payloads targeting enterprises contributed to almost three quarters of all email-based malware since the beginning of 2022. Although reported malware activity among families continues to fluctuate dramatically from quarter to quarter, QBot reports in Q1 represent the highest volume of a single malware variety over the past 12 months. Phishing lures delivering payloads remain the primary...

Social media offers an important outline for people of all ages and walks of life to connect, share life experiences and post pictures of their breakfast. But oversharing - or not being wary of impostors - can lead to serious compromises in personal and professional security. In a press release on the report's findings, Phishlabs “enterprises must broaden their line of defense [in 2022,]...

In this guest blog, Dr Ed Amoroso, CEO, Tag Cyber, provides a high-level overview of the Fortra cybersecurity portfolio value proposition based on a mapping of its component solution offerings to the NIST Cybersecurity Framework (CSF) phases. Forty years ago, an engineer in Minnesota decided that computer costs for the IBM System/38 were getting too high. So, he began investigating and building...

Courtesy of Digital Guardian by Fortra. The FBI's annual look at phishing, scam, and personal data breach statistics is out. Like clockwork, the Federal Bureau of Investigation's annual Internet Crime Complaint Center (IC3) report (.PDF) is out, and with it, numbers that show a marked uptick in cybercrime over the past 365 days. Skimming through the report's 33 pages, it's hard not to notice the...

Courtesy of Agari by Fortra. You probably already know this, but it bears repeating: Email by itself is NOT secure; anyone can use someone else’s identity to send emails. In fact, email is the #1 way cyberattackers can target your customers and your email ecosystem. No brand is untouchable when it comes to attackers using or spoofing email domains to send spam, phishing attempts, malware, or...

Phishing site volume increased 28% over the course of 2021, according to PhishLabs Quarterly Threat Trends & Intelligence Report. Attacks last year displayed increasingly volatile behavior on a month-to-month basis, often intermixed with a variety of attack vectors. Despite a lack of congruency, phishing unequivocally remains the most dominant attack method targeting organizations. Every quarter,...

Social Media attacks targeting enterprises increased 103% in 2021, according to PhishLabs Quarterly Threat Trends & Intelligence Report. Social Media is rapidly becoming the threat channel of choice for criminals. The rapid expansion of consumer/business relationships through social platforms, coupled with less refined and controllable online security measures, makes social media a prime target...

Hybrid Vishing attacks have increased 554% in volume, according to PhishLabs’ Quarterly Threat Trends & Intelligence Report. Response-Based attacks such as these, combined with Credential Theft and Malware Delivery, collectively represent the top online attack vector targeting corporate users. Every quarter, PhishLabs analyzes hundreds of thousands of phishing and social media attacks targeting...

Social media threats targeting enterprises more than doubled last year. Attacks on the retail industry specifically have grown, as threat actors are targeting victims with impersonation and counterfeit ad campaigns. Purchasing behavior is increasingly influenced by social media, making it an attractive vector for these kinds of campaigns. The tendency of social media users to consume information...

Social Media attacks targeting organizations increased 103% in 2021, according to PhishLabs’ Threat Trends & Intelligence Report. The February 2022 report uses hundreds of thousands of threats analyzed and mitigated by PhishLabs to identify the top phishing and social media attacks targeting enterprises, employees, and their brands, as well as determine emerging trends throughout the threat...

Qbot and ZLoader payloads targeting enterprises contributed to almost 89% of email-based malware volume in Q4. Malware variants attributed to attacks continue to fluctuate from quarter to quarter, often dramatically, as criminal families combine or outsource operations to maximize their odds of lucrative campaigns. Qbot and ZLoader previously led payload volume in Q2 and Q1 (respectively) of 2021....

In Q3, more than 75% of threats observed on the Dark Web were related to stolen credit card and debit card data, according to PhishLabs’ Quarterly Threat Trends & Intelligence Report. While there are significant volumes of malicious activity targeting industries on the Dark Web, the extensive nature of credit card fraud makes this threat type the most pervasive. Every quarter, PhishLabs analyzes...